Improper Authorization Vulnerability in HUAWEI Mate 20 Smartphones
CVE-2020-1807

3.5LOW

Key Information:

Vendor: Huawei
Status: Huawei Mate 20
Vendor: CVE Published:; 27 April 2020

Summary

HUAWEI Mate 20 smartphones running software versions earlier than 10.0.0.188(C00E74R3P8) are susceptible to an improper authorization vulnerability. This flaw allows attackers to modify specific configuration files without appropriate restrictions. If exploited successfully, users may bypass app locks by performing a series of operations in ADB mode, potentially compromising device security and user privacy.

Affected Version(s)

HUAWEI Mate 20 Versions earlier than 10.0.0.188(C00E74R3P8)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 27, 2020
Vulnerability Reserved
Nov 29, 2019